Professional Documents
Culture Documents
1. Microsoft Exchange
Vulnerability:
A vulnerability has been discovered in Microsoft Exchange, which could allow
for privilege escalation. In the context of any compromised email account on the
network, an attacker may be able to gain access to the Domain Admin account due
to default configuration settings on Microsoft Exchange Servers. It is also possible
to perform this attack without any credentials. An attacker may achieve this due to
the following:
Exchange Servers by default are configured with many high privilege
operations, this includes write access to the Domain Object in Active Directory.
Access to Domain Object enables the user to modify domain privileges.
Exchange Servers are vulnerable to NTLM relay attacks because the Exchange
server fails to set the Sign and Seal flags on NTLM operations. This can allow
attackers to obtain the server’s NTML hash..
A feature in Exchange Web Services (EWS) can allow attackers to trick the
Exchange Server authenticate on an attacker-controlled URL over HTTP using the
server’s computer account.
If the attacker does not have credentials, it is possible to still trigger Exchange
to authenticate to an attacker controlled URL by performing a SMB to HTTP relay
attack.
Advantage:
We can route our emails locally which can save the bandwidth in immense
amount.
We can backups our emails from a centralized location but in case of Yahoo
hosting we cant.
2. Gmail
Vulnerability:
3. Microsoft Outlook
Vulnerability:
A remote code execution vulnerability exists in Microsoft Outlook
software when it fails to properly handle objects in memory. An attacker
who successfully exploited the vulnerability could use a specially crafted
file to perform actions in the security context of the current user. For
example, the file could then take actions on behalf of the logged-on user
with the same permissions as the current user.
Advantage:
o Access Messages in An Organized Environment
Outlook utilizes a folder system that enables efficient
message organization. You can easily access each
message and any accompanying attachments all in one
place. Likewise, tasks such as sending messages and
attaching files can also be accomplished in an organized
fashion.
o Manage Contacts
The Outlook desktop email client allows you to
manage contacts through simple navigation and
keyboard commands. Easily access the address book
and find important contacts when you need to send
messages or meeting requests.
References
KRAUS, R. (2018, Sep 29). Gmail's third-party app policy: Security experts explain the risks. Retrieved
from mashable: https://mashable.com/article/gmail-app-developers-cybersecurity/